Location: PHPKode > projects > OpenCMS > OpenCMS - Version Alpha/admin_subpage_modify_select_submit.php
<?php

session_start();

?>

<html><link rel='shortcut icon' href='favicon.ico'>
<head>
<title>
OpenCMS
</title>
</head>

<body bgcolor='#333333' topmargin='0' leftmargin='0'>

<div align='center'><img src='site_images/admin_header_opencms.jpg'></div>
<table width='960' cellspacing='0' cellpadding='20' border='0' align='center'>
<tr>
	<td bgcolor='#ffffff'>


	<?php
		include 'site_login.php';
	?>

	<br>

	<font face='arial' size='4' color='#000000'>
		<b>
			ADMIN - SUBPAGE Modify Select (Submit):
		</b>
	</font>


	<br>
	<br>

	<font face='arial' size='2' color='#000000'>

	<?php

		if ($_SESSION['session_id_login_verify'] == 'YES') {

			// Grabs the _POST variables...
			$type = $_POST['type'];
			$id = $_POST['id'];
			$text = $_POST['text'];
			$image = $_POST['image'];
			$video = $_POST['video'];
			$action = $_POST['action'];


			// This section replaces all bad characters from the form fields.
			$id_replace_quote_single = str_replace("'", "`", $id);
			$id_replace_quote_double = str_replace('"', "``", $id_replace_quote_single);
			$id_replace_slashes = str_replace("\\", "/", $id_replace_quote_double);
			$id_replace_lefthtml = str_replace("<", "[", $id_replace_slashes);
			$id_replace_righthtml = str_replace(">", "]", $id_replace_lefthtml);
			$id = $id_replace_righthtml;	

			$type_replace_quote_single = str_replace("'", "`", $type);
			$type_replace_quote_double = str_replace('"', "``", $type_replace_quote_single);
			$type_replace_slashes = str_replace("\\", "/", $type_replace_quote_double);
			$type_replace_lefthtml = str_replace("<", "[", $type_replace_slashes);
			$type_replace_righthtml = str_replace(">", "]", $type_replace_lefthtml);
			$type = $type_replace_righthtml;	

			$text_replace_quote_single = str_replace("'", "`", $text);
			$text_replace_quote_double = str_replace('"', "``", $text_replace_quote_single);
			$text_replace_slashes = str_replace("\\", "/", $text_replace_quote_double);
			$text_replace_lefthtml = str_replace("<", "[", $text_replace_slashes);
			$text_replace_righthtml = str_replace(">", "]", $text_replace_lefthtml);
			$text = $text_replace_righthtml;	

			$image_replace_quote_single = str_replace("'", "`", $image);
			$image_replace_quote_double = str_replace('"', "``", $image_replace_quote_single);
			$image_replace_slashes = str_replace("\\", "/", $image_replace_quote_double);
			$image_replace_lefthtml = str_replace("<", "[", $image_replace_slashes);
			$image_replace_righthtml = str_replace(">", "]", $image_replace_lefthtml);
			$image = $image_replace_righthtml;	

			$video_replace_quote_single = str_replace("'", "`", $video);
			$video_replace_quote_double = str_replace('"', "``", $video_replace_quote_single);
			$video_replace_slashes = str_replace("\\", "/", $video_replace_quote_double);
			$video_replace_lefthtml = str_replace("<", "[", $video_replace_slashes);
			$video_replace_righthtml = str_replace(">", "]", $video_replace_lefthtml);
			$video = $video_replace_righthtml;	

			$action_replace_quote_single = str_replace("'", "`", $action);
			$action_replace_quote_double = str_replace('"', "``", $action_replace_quote_single);
			$action_replace_slashes = str_replace("\\", "/", $action_replace_quote_double);
			$action_replace_lefthtml = str_replace("<", "[", $action_replace_slashes);
			$action_replace_righthtml = str_replace(">", "]", $action_replace_lefthtml);
			$action = $action_replace_righthtml;	


			include 'site_connect_mysql.php';

			//Connect To Database
			$mysql_OpenCMS_connection = mysql_connect($loginhostname, $loginusername, $loginpassword);
			mysql_select_db($logindatabase, $mysql_OpenCMS_connection);


			if ($action == 'MODIFY') {

				// SUBPAGES TYPE:
				$query = "
				UPDATE
				$connect_mysql_subpages_table
				SET
				$connect_mysql_subpages_type = '" . $type . "'
				WHERE
				" . $connect_mysql_subpages_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// SUBPAGES TEXT:
				$query = "
				UPDATE
				$connect_mysql_subpages_table
				SET
				$connect_mysql_subpages_text = '" . $text . "'
				WHERE
				" . $connect_mysql_subpages_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// SUBPAGES IMAGE:
				$query = "
				UPDATE
				$connect_mysql_subpages_table
				SET
				$connect_mysql_subpages_image = '" . $image . "'
				WHERE
				" . $connect_mysql_subpages_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				// SUBPAGES VIDEO:
				$query = "
				UPDATE
				$connect_mysql_subpages_table
				SET
				$connect_mysql_subpages_video = '" . $video . "'
				WHERE
				" . $connect_mysql_subpages_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				echo "Success! Subpage information has been updated in the system.";

			}


			if ($action == 'DELETE') {


				// SUBPAGES DELETE:
				$query = "
				DELETE FROM
				$connect_mysql_subpages_table
				WHERE
				" . $connect_mysql_subpages_id . " = '" . $id . "'
				";

				mysql_query($query)
				or die(mysql_error()
				);


				echo "Success! Subpage has been deleted from the system.";

			}


		}
		else {

			echo "Error: You do not have access to see this page. Go <a href='index.php'>Back</a>.";

		}


	?>

	</font>

	</td>
</tr>
</table>

<table width='960' cellspacing='0' cellpadding='20' border='0' align='center'>
<tr>
	<td bgcolor='#000000'>

		<font face='arial' size='1' color='#ffffff'>
			OpenCMS - Version Alpha - http://sourceforge.net/projects/open-cms/
		</font>

	</td>
</tr>
</table>

</body>
</html>



Return current item: OpenCMS